Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Informix_dynamic_server
(Ibm)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 46 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2010-03-05 | CVE-2009-2753 | Multiple buffer overflows in the authentication functionality in librpc.dll in the Informix Storage Manager (ISM) Portmapper service (aka portmap.exe), as used in IBM Informix Dynamic Server (IDS) 10.x before 10.00.TC9 and 11.x before 11.10.TC3, allow remote attackers to execute arbitrary code via a crafted parameter size. | Informix_dynamic_server | N/A | ||
| 2008-03-17 | CVE-2008-0949 | Unspecified vulnerability in IBM Informix Dynamic Server (IDS) 7.x through 11.x allows remote attackers to gain privileges via a malformed connection request packet. | Informix_dynamic_server | N/A | ||
| 2008-03-17 | CVE-2008-0727 | Multiple buffer overflows in oninit.exe in IBM Informix Dynamic Server (IDS) 7.x through 11.x allow (1) remote attackers to execute arbitrary code via a long password and (2) remote authenticated users to execute arbitrary code via a long DBPATH value. | Informix_dynamic_server | N/A | ||
| 2008-01-18 | CVE-2008-0369 | Multiple unspecified programs in IBM Informix Dynamic Server (IDS) 10.x before 10.00.xC8 allow local users to create arbitrary files by specifying the target file in the SQLIDEBUG environment variable, whose ownership is changed to the user invoking the programs. | Informix_dynamic_server | N/A | ||
| 2008-01-18 | CVE-2008-0368 | onedcu in IBM Informix Dynamic Server (IDS) 10.x before 10.00.xC8 allows local users to create arbitrary files via the Trace file argument. | Informix_dynamic_server | N/A | ||
| 2007-11-14 | CVE-2007-5957 | Unspecified vulnerability in IBM Informix Dynamic Server (IDS) 10.00.TC3TL and 11.10.TB4TL on Windows allows attackers to cause a denial of service (application crash) via unspecified SQ_ONASSIST requests. | Informix_dynamic_server | N/A | ||
| 2007-11-14 | CVE-2007-5956 | Directory traversal vulnerability in IBM Informix Dynamic Server (IDS) before 10.00.xC7W1 allows local users to gain privileges by referencing modified NLS message files through directory traversal sequences in the DBLANG environment variable. | Informix_dynamic_server | N/A | ||
| 2006-11-03 | CVE-2006-5664 | The installation script in IBM Informix Dynamic Server 10.00, Informix Client Software Development Kit (CSDK) 2.90, and Informix I-Connect 2.90 allows local users to "compromise security" via a symlink attack on temporary files. | Informix_client_sdk, Informix_dynamic_server, Informix_i\-Connect | N/A | ||
| 2006-11-03 | CVE-2006-5663 | IBM Informix Dynamic Server 10.00, Informix Client Software Development Kit (CSDK) 2.90, and Informix I-Connect 2.90 use insecure permissions for installation scripts, which allows local users to gain privileges by modifying the scripts. | Informix_client_sdk, Informix_dynamic_server, Informix_i\-Connect | N/A | ||
| 2006-10-05 | CVE-2006-5163 | IBM Informix Dynamic Server 10.UC3RC1 Trial for Linux and possibly other versions creates /tmp/installserver.txt with insecure permissions, which allows local users to append data to arbitrary files via a symlink attack. | Informix_dynamic_server | N/A |